package com.jiayuan.cn.energy.config;

import com.jiayuan.cn.energy.service.UserService;
import com.jiayuan.cn.energy.util.RSACoder;
import com.jiayuan.cn.energy.util.RSAUtil;
import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

@Slf4j
@Configuration
@EnableWebSecurity
public class SecurityConfig {


//    @Bean
//    public PasswordEncoder passwordEncoder() {
////        明文密码
////        return NoOpPasswordEncoder.getInstance();
//        return new BCryptPasswordEncoder();
//    }

    @Resource
    UserService userService;

    // 自定义Encoder
    @Bean
    public PasswordEncoder passwordEncoder() {
        // 返回一个不进行任何加密的密码编码器
        return new PasswordEncoder() {
            @Override
            public String encode(CharSequence rawPassword) {
                log.info("Encoding password:{}", rawPassword);
                // 直接返回明文密码
                return rawPassword.toString();
            }

            @Override
            public boolean matches(CharSequence rawPassword, String encodedPassword) {
                log.info("rowPassword:{}|encodePassword:{}", rawPassword, encodedPassword);
                // 比较密码是否一致
                return rawPassword.toString().equals(encodedPassword);
            }
        };
    }

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        log.info("securityFilterChain");
        http.authorizeHttpRequests(authorizeHttpRequests -> authorizeHttpRequests
                .requestMatchers(HttpMethod.POST, "/login").permitAll()
                .requestMatchers("/getPublicKey", "/bootstrap.min.css", "img/login-owl-head.png",
                        "img/login-owl-hand.png", "js/jquery-3.7.1.min.js", "js/jsencrypt.js", "js/crypto-js.min.js").permitAll()
                .anyRequest().authenticated());
        http.formLogin(formLogin -> formLogin
                .loginPage("/login.html")
                .loginProcessingUrl("/login")
                .permitAll());
        http.headers(httpSecurityHeadersConfigurer -> {
            httpSecurityHeadersConfigurer.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable);
        });
        // 6.2 版本里这里要使用 csrf.disable() 而不是 withDefault() 方法,withDefault()方法的，个人实践不成功
        // http.csrf(csrf -> csrf.disable());
        http.csrf(AbstractHttpConfigurer::disable);
        return http.build();
    }

}